diff --git a/backport-CVE-2024-46951.patch b/backport-CVE-2024-46951.patch new file mode 100644 index 0000000000000000000000000000000000000000..926c0aa3723aab6b40f93e17dbd07f2b12161fbc --- /dev/null +++ b/backport-CVE-2024-46951.patch @@ -0,0 +1,31 @@ +From ada21374f0c90cc3acf7ce0e96302394560c7aee Mon Sep 17 00:00:00 2001 +From: Zdenek Hutyra +Date: Fri, 30 Aug 2024 13:16:39 +0100 +Subject: [PATCH] PS interpreter - check the type of the Pattern Implementation + +Bug #707991 + +See bug report for details. + +CVE-2024-46951 +--- + psi/zcolor.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/psi/zcolor.c b/psi/zcolor.c +index d4e7a4438..d3384d75d 100644 +--- a/psi/zcolor.c ++++ b/psi/zcolor.c +@@ -5276,6 +5276,9 @@ static int patterncomponent(i_ctx_t * i_ctx_p, ref *space, int *n) + code = array_get(imemory, pImpl, 0, &pPatInst); + if (code < 0) + return code; ++ ++ if (!r_is_struct(&pPatInst) || (!r_has_stype(&pPatInst, imemory, st_pattern1_instance) && !r_has_stype(&pPatInst, imemory, st_pattern2_instance))) ++ return_error(gs_error_typecheck); + cc.pattern = r_ptr(&pPatInst, gs_pattern_instance_t); + if (pattern_instance_uses_base_space(cc.pattern)) + *n = n_comps; +-- +2.34.1 + diff --git a/ghostscript.spec b/ghostscript.spec index 8d0bd49bae5cf60daac2f408f9b9ddcae7152e8b..61e50a4474364d921e5297b479998421d25dc019 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -9,7 +9,7 @@ Name: ghostscript Version: 9.56.1 -Release: 10 +Release: 11 Summary: An interpreter for PostScript and PDF files License: AGPLv3+ URL: https://ghostscript.com/ @@ -66,6 +66,7 @@ Patch116: Bug-707510-fix-LIBIDN-usage.patch Patch117: fix-CVE-2024-33869-second.patch Patch118: backport-CVE-2024-46953.patch Patch119: backport-CVE-2024-46956.patch +Patch120: backport-CVE-2024-46951.patch BuildRequires: automake gcc BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel @@ -153,6 +154,7 @@ PDF files using Ghostscript and dvips %patch117 -p1 %patch118 -p1 %patch119 -p1 +%patch120 -p1 # Libraries that we already have packaged(see Build Requirements): rm -rf cups/libs freetype ijs jbig2dec jpeg lcms2* libpng openjpeg tiff zlib @@ -246,6 +248,12 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/ %{_bindir}/dvipdf %changelog +* Fri Nov 01 2024 liningjie - 9.56.1-11 +- Type:CVE +- ID:NA +- SUG:NA +- DECS: Fix CVE-2024-46951 + * Fri Oct 25 2024 liningjie - 9.56.1-10 - Type:CVE - ID:NA